Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
weak vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0074
PowerScripts PlusMail CGI program allows remote malicious users to execute commands via a password file with improper permissions.
Powerscripts Plusmail
3 EDB exploits
NA
CVE-2000-0275
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.
Cryptocard Cryptoadmin 4.1
2 EDB exploits
NA
CVE-2000-0492
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.
Passwd Passwd 1.2
1 EDB exploit
9.8
CVSSv3
CVE-2014-5381
Grand MA 300 allows a brute-force attack on the PIN.
Granding Grand Ma300 Firmware 6.60
1 EDB exploit
NA
CVE-2000-1008
PalmOS 3.5.2 and previous versions uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.
Palm Palm Os
1 EDB exploit
NA
CVE-2010-1627
feed.php in phpBB 3.0.7 prior to 3.0.7-PL1 does not properly check permissions for feeds, which allows remote malicious users to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum.
Phpbb Phpbb 3.0.7
NA
CVE-2000-0300
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote malicious users to sniff and decrypt PcAnywhere or NT domain accounts.
Symantec Pcanywhere 9.0
1 EDB exploit
7.5
CVSSv3
CVE-2022-35513
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
Blink1 Blink1control2
2 Github repositories
NA
CVE-2010-1630
Unspecified vulnerability in posting.php in phpBB prior to 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement."
Phpbb Phpbb
Phpbb Phpbb 3.0.2
Phpbb Phpbb 3.0.0
Phpbb Phpbb 3.0.3
Phpbb Phpbb 3.0.1
7.8
CVSSv3
CVE-2023-31748
Insecure permissions in MobileTrans v4.0.11 allows malicious users to escalate privileges to local admin via replacing the executable file.
Wondershare Mobiletrans 4.0.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »